and another arrives. So while they are unique at a moment in time, they do
not always uniquely identify one person over a period of time.
I ran into this when trying to send an email to a friend and the email went
to a new person at that address. The address was composed of the person's
name, it just coincided with a new customer's name and so got reused.
-Kevin
----- Original Message -----
From: "Paul Vernon" <[EMAIL PROTECTED]>
To: "CF-Talk" <[EMAIL PROTECTED]>
Sent: Sunday, January 04, 2004 11:18 PM
Subject: RE: Password Logic
> Wherever possible we try to use an e-mail address as the username and then
> generate a password and e-mail it to the user. That way, they are
guaranteed
> to give you a valid address as they can't get in without one... It also
> covers the uniqueness angle as an e-mail address is unique.
>
> Once the user is logged in then we let them change their password as often
> as they want..
>
> If the user changes their e-mail address however, we go back to the auto
> generation of a new password, log them out as a security measure and send
> out the new password to them to make sure that they have changed their
> e-mail address to something that is once again valid.
>
> If they mess up and they need the service, they'll re-register (if its
free)
> or contact tech support to fix their details up so they can login again if
> it's a subscribtion based service :)
>
> Paul
>
>
>
[Todays Threads] [This Message] [Subscription] [Fast Unsubscribe] [User Settings]
